{"id":"CVE-2023-32629","details":"Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels","modified":"2026-05-04T08:41:15.107472Z","published":"2023-07-26T02:15:09.413Z","withdrawn":"2026-05-04T08:41:15.107472Z","references":[{"type":"WEB","url":"http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html"},{"type":"ADVISORY","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6250-1"},{"type":"FIX","url":"https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html"},{"type":"EVIDENCE","url":"https://wiz.io/blog/ubuntu-overlayfs-vulnerability"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32629.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"23.04"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}